{"url":"http://public2.vulnerablecode.io/api/packages/37453?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0","type":"maven","namespace":"org.apache.tomcat.embed","name":"tomcat-embed-core","version":"10.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"10.1.54","latest_non_vulnerable_version":"11.0.21","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4443?format=json","vulnerability_id":"VCID-5781-s1ny-q7ey","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json"},{"reference_url":"https://akka.io/security/akka-http-cve-2023-44487.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://akka.io/security/akka-http-cve-2023-44487.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"0.94385","scoring_system":"epss","scoring_elements":"0.9997","published_at":"2026-04-04T12:55:00Z"},{"value":"0.94385","scoring_system":"epss","scoring_elements":"0.99971","published_at":"2026-04-13T12:55:00Z"},{"value":"0.94395","scoring_system":"epss","scoring_elements":"0.99974","published_at":"2026-04-18T12:55:00Z"},{"value":"0.944","scoring_system":"epss","scoring_elements":"0.99976","published_at":"2026-05-14T12:55:00Z"},{"value":"0.94445","scoring_system":"epss","scoring_elements":"0.99991","published_at":"2026-05-11T12:55:00Z"},{"value":"0.94446","scoring_system":"epss","scoring_elements":"0.99992","published_at":"2026-05-07T12:55:00Z"},{"value":"0.9446","scoring_system":"epss","scoring_elements":"0.99994","published_at":"2026-05-05T12:55:00Z"},{"value":"0.9446","scoring_system":"epss","scoring_elements":"0.99993","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44487"},{"reference_url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size"},{"reference_url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"},{"reference_url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011"},{"reference_url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"},{"reference_url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack"},{"reference_url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"},{"reference_url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack"},{"reference_url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"},{"reference_url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty"},{"reference_url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"},{"reference_url":"https://bugzilla.proxmox.com/show_bug.cgi?id=4988","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://bugzilla.proxmox.com/show_bug.cgi?id=4988"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242803","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242803"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1216123","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1216123"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-341067.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-341067.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-832273.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-832273.html"},{"reference_url":"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"},{"reference_url":"https://chaos.social/@icing/111210915918780532","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://chaos.social/@icing/111210915918780532"},{"reference_url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps"},{"reference_url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"},{"reference_url":"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"},{"reference_url":"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752"},{"reference_url":"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"},{"reference_url":"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"},{"reference_url":"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"},{"reference_url":"https://github.com/akka/akka-http/issues/4323","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/akka/akka-http/issues/4323"},{"reference_url":"https://github.com/akka/akka-http/pull/4324","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/akka/akka-http/pull/4324"},{"reference_url":"https://github.com/akka/akka-http/pull/4325","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/akka/akka-http/pull/4325"},{"reference_url":"https://github.com/alibaba/tengine/issues/1872","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/alibaba/tengine/issues/1872"},{"reference_url":"https://github.com/apache/apisix/issues/10320","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/apisix/issues/10320"},{"reference_url":"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"},{"reference_url":"https://github.com/apache/httpd-site/pull/10","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/httpd-site/pull/10"},{"reference_url":"https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a"},{"reference_url":"https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49"},{"reference_url":"https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628"},{"reference_url":"https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e"},{"reference_url":"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"},{"reference_url":"https://github.com/apache/trafficserver/pull/10564","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/apache/trafficserver/pull/10564"},{"reference_url":"https://github.com/apple/swift-nio-http2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apple/swift-nio-http2"},{"reference_url":"https://github.com/Azure/AKS/issues/3947","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/Azure/AKS/issues/3947"},{"reference_url":"https://github.com/caddyserver/caddy/issues/5877","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/caddyserver/caddy/issues/5877"},{"reference_url":"https://github.com/caddyserver/caddy/releases/tag/v2.7.5","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/caddyserver/caddy/releases/tag/v2.7.5"},{"reference_url":"https://github.com/dotnet/announcements/issues/277","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/dotnet/announcements/issues/277"},{"reference_url":"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"},{"reference_url":"https://github.com/eclipse/jetty.project/issues/10679","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/eclipse/jetty.project/issues/10679"},{"reference_url":"https://github.com/envoyproxy/envoy/pull/30055","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/envoyproxy/envoy/pull/30055"},{"reference_url":"https://github.com/etcd-io/etcd/issues/16740","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/etcd-io/etcd/issues/16740"},{"reference_url":"https://github.com/facebook/proxygen/pull/466","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/facebook/proxygen/pull/466"},{"reference_url":"https://github.com/golang/go/issues/63417","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/golang/go/issues/63417"},{"reference_url":"https://github.com/grpc/grpc-go/pull/6703","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/grpc/grpc-go/pull/6703"},{"reference_url":"https://github.com/grpc/grpc-go/releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/grpc/grpc-go/releases"},{"reference_url":"https://github.com/grpc/grpc/releases/tag/v1.59.2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/grpc/grpc/releases/tag/v1.59.2"},{"reference_url":"https://github.com/h2o/h2o/pull/3291","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/h2o/h2o/pull/3291"},{"reference_url":"https://github.com/haproxy/haproxy/issues/2312","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/haproxy/haproxy/issues/2312"},{"reference_url":"https://github.com/hyperium/hyper/issues/3337","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/hyperium/hyper/issues/3337"},{"reference_url":"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"},{"reference_url":"https://github.com/junkurihara/rust-rpxy/issues/97","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/junkurihara/rust-rpxy/issues/97"},{"reference_url":"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"},{"reference_url":"https://github.com/kazu-yamamoto/http2/issues/93","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/kazu-yamamoto/http2/issues/93"},{"reference_url":"https://github.com/Kong/kong/discussions/11741","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/Kong/kong/discussions/11741"},{"reference_url":"https://github.com/kubernetes/kubernetes/pull/121120","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/kubernetes/kubernetes/pull/121120"},{"reference_url":"https://github.com/line/armeria/pull/5232","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/line/armeria/pull/5232"},{"reference_url":"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"},{"reference_url":"https://github.com/micrictor/http2-rst-stream","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/micrictor/http2-rst-stream"},{"reference_url":"https://github.com/microsoft/CBL-Mariner/pull/6381","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/microsoft/CBL-Mariner/pull/6381"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"},{"reference_url":"https://github.com/nghttp2/nghttp2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nghttp2/nghttp2"},{"reference_url":"https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832"},{"reference_url":"https://github.com/nghttp2/nghttp2/pull/1961","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/nghttp2/nghttp2/pull/1961"},{"reference_url":"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"},{"reference_url":"https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg"},{"reference_url":"https://github.com/ninenines/cowboy/issues/1615","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/ninenines/cowboy/issues/1615"},{"reference_url":"https://github.com/nodejs/node/pull/50121","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/nodejs/node/pull/50121"},{"reference_url":"https://github.com/openresty/openresty/issues/930","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/openresty/openresty/issues/930"},{"reference_url":"https://github.com/opensearch-project/data-prepper/issues/3474","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/opensearch-project/data-prepper/issues/3474"},{"reference_url":"https://github.com/oqtane/oqtane.framework/discussions/3367","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/oqtane/oqtane.framework/discussions/3367"},{"reference_url":"https://github.com/projectcontour/contour/pull/5826","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/projectcontour/contour/pull/5826"},{"reference_url":"https://github.com/tempesta-tech/tempesta/issues/1986","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/tempesta-tech/tempesta/issues/1986"},{"reference_url":"https://github.com/varnishcache/varnish-cache/issues/3996","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/varnishcache/varnish-cache/issues/3996"},{"reference_url":"https://go.dev/cl/534215","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/534215"},{"reference_url":"https://go.dev/cl/534235","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/534235"},{"reference_url":"https://go.dev/issue/63417","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/issue/63417"},{"reference_url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"},{"reference_url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ"},{"reference_url":"https://istio.io/latest/news/security/istio-security-2023-004","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://istio.io/latest/news/security/istio-security-2023-004"},{"reference_url":"https://istio.io/latest/news/security/istio-security-2023-004/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://istio.io/latest/news/security/istio-security-2023-004/"},{"reference_url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487"},{"reference_url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"},{"reference_url":"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4"},{"reference_url":"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"},{"reference_url":"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"},{"reference_url":"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"},{"reference_url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2"},{"reference_url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"},{"reference_url":"https://my.f5.com/manage/s/article/K000137106","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://my.f5.com/manage/s/article/K000137106"},{"reference_url":"https://netty.io/news/2023/10/10/4-1-100-Final.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://netty.io/news/2023/10/10/4-1-100-Final.html"},{"reference_url":"https://news.ycombinator.com/item?id=37830987","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37830987"},{"reference_url":"https://news.ycombinator.com/item?id=37830998","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37830998"},{"reference_url":"https://news.ycombinator.com/item?id=37831062","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37831062"},{"reference_url":"https://news.ycombinator.com/item?id=37837043","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://news.ycombinator.com/item?id=37837043"},{"reference_url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response"},{"reference_url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"},{"reference_url":"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"},{"reference_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"},{"reference_url":"https://security.gentoo.org/glsa/202311-09","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.gentoo.org/glsa/202311-09"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231016-0001","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20231016-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231016-0001/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231016-0001/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0007","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240426-0007"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0007","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240621-0007"},{"reference_url":"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"},{"reference_url":"https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12"},{"reference_url":"https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94"},{"reference_url":"https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81"},{"reference_url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records"},{"reference_url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"},{"reference_url":"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"},{"reference_url":"https://www.cve.org/CVERecord?id=CVE-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cve.org/CVERecord?id=CVE-2023-44487"},{"reference_url":"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"},{"reference_url":"https://www.debian.org/security/2023/dsa-5521","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5521"},{"reference_url":"https://www.debian.org/security/2023/dsa-5522","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5522"},{"reference_url":"https://www.debian.org/security/2023/dsa-5540","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5540"},{"reference_url":"https://www.debian.org/security/2023/dsa-5549","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5549"},{"reference_url":"https://www.debian.org/security/2023/dsa-5558","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5558"},{"reference_url":"https://www.debian.org/security/2023/dsa-5570","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.debian.org/security/2023/dsa-5570"},{"reference_url":"https://www.eclipse.org/lists/jetty-announce/msg00181.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.eclipse.org/lists/jetty-announce/msg00181.html"},{"reference_url":"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"},{"reference_url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487"},{"reference_url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"},{"reference_url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products"},{"reference_url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/10/10/6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/10/10/6"},{"reference_url":"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"},{"reference_url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday"},{"reference_url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"},{"reference_url":"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/10/6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/10/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/10/7","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/10/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/13/4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/13/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/13/9","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/13/9"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/18/4","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/18/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/18/8","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/18/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/19/6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/19/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/20/8","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/20/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/08/13/6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/08/13/6"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769","reference_id":"1053769","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770","reference_id":"1053770","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801","reference_id":"1053801","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232","reference_id":"1054232","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234","reference_id":"1054234","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156","reference_id":"1056156","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421","reference_id":"1074421","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/","reference_id":"2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/","reference_id":"3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/","reference_id":"BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/","reference_id":"CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"},{"reference_url":"https://access.redhat.com/security/cve/cve-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://access.redhat.com/security/cve/cve-2023-44487"},{"reference_url":"https://blog.vespa.ai/cve-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.vespa.ai/cve-2023-44487"},{"reference_url":"https://blog.vespa.ai/cve-2023-44487/","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.vespa.ai/cve-2023-44487/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"Important","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487"},{"reference_url":"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"},{"reference_url":"https://github.com/bcdannyboy/CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/bcdannyboy/CVE-2023-44487"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py","reference_id":"CVE-2023-44487","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44487"},{"reference_url":"https://security.paloaltonetworks.com/CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.paloaltonetworks.com/CVE-2023-44487"},{"reference_url":"https://ubuntu.com/security/CVE-2023-44487","reference_id":"CVE-2023-44487","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://ubuntu.com/security/CVE-2023-44487"},{"reference_url":"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack","reference_id":"CVE-2023-44487-HTTP-2-RAPID-RESET-ATTACK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/","reference_id":"E72T67UPDRXHIDLO3OROR25YAMN4GGW5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/","reference_id":"FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"},{"reference_url":"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf","reference_id":"GHSA-2m7v-gc89-fjqf","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"},{"reference_url":"https://github.com/advisories/GHSA-qppj-fm5r-hxr3","reference_id":"GHSA-qppj-fm5r-hxr3","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/advisories/GHSA-qppj-fm5r-hxr3"},{"reference_url":"https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3","reference_id":"GHSA-qppj-fm5r-hxr3","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3"},{"reference_url":"https://github.com/advisories/GHSA-vx74-f528-fxqg","reference_id":"GHSA-vx74-f528-fxqg","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/advisories/GHSA-vx74-f528-fxqg"},{"reference_url":"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p","reference_id":"GHSA-xpw8-rcwv-8f8p","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p","reference_id":"GHSA-xpw8-rcwv-8f8p","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p"},{"reference_url":"https://security.gentoo.org/glsa/202408-10","reference_id":"GLSA-202408-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-10"},{"reference_url":"https://security.gentoo.org/glsa/202412-14","reference_id":"GLSA-202412-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-14"},{"reference_url":"https://security.gentoo.org/glsa/202505-11","reference_id":"GLSA-202505-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-11"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/","reference_id":"HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/","reference_id":"KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/","reference_id":"LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/","reference_id":"LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0007/","reference_id":"ntap-20240426-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0007/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0007/","reference_id":"ntap-20240621-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5006","reference_id":"RHSA-2023:5006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5009","reference_id":"RHSA-2023:5009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5530","reference_id":"RHSA-2023:5530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5541","reference_id":"RHSA-2023:5541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5542","reference_id":"RHSA-2023:5542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5679","reference_id":"RHSA-2023:5679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5705","reference_id":"RHSA-2023:5705","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5705"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5706","reference_id":"RHSA-2023:5706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5707","reference_id":"RHSA-2023:5707","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5707"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5708","reference_id":"RHSA-2023:5708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5709","reference_id":"RHSA-2023:5709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5710","reference_id":"RHSA-2023:5710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5711","reference_id":"RHSA-2023:5711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5712","reference_id":"RHSA-2023:5712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5713","reference_id":"RHSA-2023:5713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5714","reference_id":"RHSA-2023:5714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5715","reference_id":"RHSA-2023:5715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5716","reference_id":"RHSA-2023:5716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5717","reference_id":"RHSA-2023:5717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5719","reference_id":"RHSA-2023:5719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5720","reference_id":"RHSA-2023:5720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5721","reference_id":"RHSA-2023:5721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5724","reference_id":"RHSA-2023:5724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5738","reference_id":"RHSA-2023:5738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5749","reference_id":"RHSA-2023:5749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5764","reference_id":"RHSA-2023:5764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5765","reference_id":"RHSA-2023:5765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5766","reference_id":"RHSA-2023:5766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5767","reference_id":"RHSA-2023:5767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5768","reference_id":"RHSA-2023:5768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5769","reference_id":"RHSA-2023:5769","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5770","reference_id":"RHSA-2023:5770","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5780","reference_id":"RHSA-2023:5780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5783","reference_id":"RHSA-2023:5783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5784","reference_id":"RHSA-2023:5784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5801","reference_id":"RHSA-2023:5801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5802","reference_id":"RHSA-2023:5802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5803","reference_id":"RHSA-2023:5803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5805","reference_id":"RHSA-2023:5805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5835","reference_id":"RHSA-2023:5835","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5835"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5837","reference_id":"RHSA-2023:5837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5838","reference_id":"RHSA-2023:5838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5840","reference_id":"RHSA-2023:5840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5841","reference_id":"RHSA-2023:5841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5849","reference_id":"RHSA-2023:5849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5850","reference_id":"RHSA-2023:5850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5851","reference_id":"RHSA-2023:5851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5863","reference_id":"RHSA-2023:5863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5864","reference_id":"RHSA-2023:5864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5865","reference_id":"RHSA-2023:5865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5866","reference_id":"RHSA-2023:5866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5867","reference_id":"RHSA-2023:5867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5869","reference_id":"RHSA-2023:5869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5896","reference_id":"RHSA-2023:5896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5902","reference_id":"RHSA-2023:5902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5920","reference_id":"RHSA-2023:5920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5922","reference_id":"RHSA-2023:5922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5924","reference_id":"RHSA-2023:5924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5928","reference_id":"RHSA-2023:5928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5929","reference_id":"RHSA-2023:5929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5930","reference_id":"RHSA-2023:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5931","reference_id":"RHSA-2023:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5933","reference_id":"RHSA-2023:5933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5935","reference_id":"RHSA-2023:5935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5945","reference_id":"RHSA-2023:5945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5946","reference_id":"RHSA-2023:5946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5947","reference_id":"RHSA-2023:5947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5956","reference_id":"RHSA-2023:5956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5964","reference_id":"RHSA-2023:5964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5965","reference_id":"RHSA-2023:5965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5967","reference_id":"RHSA-2023:5967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5969","reference_id":"RHSA-2023:5969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5970","reference_id":"RHSA-2023:5970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5971","reference_id":"RHSA-2023:5971","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5973","reference_id":"RHSA-2023:5973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5973"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5974","reference_id":"RHSA-2023:5974","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5974"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5976","reference_id":"RHSA-2023:5976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5978","reference_id":"RHSA-2023:5978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5979","reference_id":"RHSA-2023:5979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5980","reference_id":"RHSA-2023:5980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5982","reference_id":"RHSA-2023:5982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5989","reference_id":"RHSA-2023:5989","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5989"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6020","reference_id":"RHSA-2023:6020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6021","reference_id":"RHSA-2023:6021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6022","reference_id":"RHSA-2023:6022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6023","reference_id":"RHSA-2023:6023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6030","reference_id":"RHSA-2023:6030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6031","reference_id":"RHSA-2023:6031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6039","reference_id":"RHSA-2023:6039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6040","reference_id":"RHSA-2023:6040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6041","reference_id":"RHSA-2023:6041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6042","reference_id":"RHSA-2023:6042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6048","reference_id":"RHSA-2023:6048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6057","reference_id":"RHSA-2023:6057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6059","reference_id":"RHSA-2023:6059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6061","reference_id":"RHSA-2023:6061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6077","reference_id":"RHSA-2023:6077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6079","reference_id":"RHSA-2023:6079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6080","reference_id":"RHSA-2023:6080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6084","reference_id":"RHSA-2023:6084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6105","reference_id":"RHSA-2023:6105","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6105"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6106","reference_id":"RHSA-2023:6106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6114","reference_id":"RHSA-2023:6114","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6114"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6115","reference_id":"RHSA-2023:6115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6117","reference_id":"RHSA-2023:6117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6118","reference_id":"RHSA-2023:6118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6120","reference_id":"RHSA-2023:6120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6129","reference_id":"RHSA-2023:6129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6137","reference_id":"RHSA-2023:6137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6144","reference_id":"RHSA-2023:6144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6154","reference_id":"RHSA-2023:6154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6161","reference_id":"RHSA-2023:6161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6165","reference_id":"RHSA-2023:6165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6179","reference_id":"RHSA-2023:6179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6217","reference_id":"RHSA-2023:6217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6233","reference_id":"RHSA-2023:6233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6235","reference_id":"RHSA-2023:6235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6239","reference_id":"RHSA-2023:6239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6248","reference_id":"RHSA-2023:6248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6251","reference_id":"RHSA-2023:6251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6251"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6269","reference_id":"RHSA-2023:6269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6272","reference_id":"RHSA-2023:6272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6280","reference_id":"RHSA-2023:6280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6286","reference_id":"RHSA-2023:6286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6296","reference_id":"RHSA-2023:6296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6298","reference_id":"RHSA-2023:6298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6305","reference_id":"RHSA-2023:6305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6746","reference_id":"RHSA-2023:6746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6779","reference_id":"RHSA-2023:6779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6781","reference_id":"RHSA-2023:6781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6782","reference_id":"RHSA-2023:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6783","reference_id":"RHSA-2023:6783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6784","reference_id":"RHSA-2023:6784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6785","reference_id":"RHSA-2023:6785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6786","reference_id":"RHSA-2023:6786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6787","reference_id":"RHSA-2023:6787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6788","reference_id":"RHSA-2023:6788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6817","reference_id":"RHSA-2023:6817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6818","reference_id":"RHSA-2023:6818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6832","reference_id":"RHSA-2023:6832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6836","reference_id":"RHSA-2023:6836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6837","reference_id":"RHSA-2023:6837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6839","reference_id":"RHSA-2023:6839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6840","reference_id":"RHSA-2023:6840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7198","reference_id":"RHSA-2023:7198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7205","reference_id":"RHSA-2023:7205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7215","reference_id":"RHSA-2023:7215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7218","reference_id":"RHSA-2023:7218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7288","reference_id":"RHSA-2023:7288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7315","reference_id":"RHSA-2023:7315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7325","reference_id":"RHSA-2023:7325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7334","reference_id":"RHSA-2023:7334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7335","reference_id":"RHSA-2023:7335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7344","reference_id":"RHSA-2023:7344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7345","reference_id":"RHSA-2023:7345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7481","reference_id":"RHSA-2023:7481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7482","reference_id":"RHSA-2023:7482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7483","reference_id":"RHSA-2023:7483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7484","reference_id":"RHSA-2023:7484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7486","reference_id":"RHSA-2023:7486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7488","reference_id":"RHSA-2023:7488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7521","reference_id":"RHSA-2023:7521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7522","reference_id":"RHSA-2023:7522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7555","reference_id":"RHSA-2023:7555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7587","reference_id":"RHSA-2023:7587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7610","reference_id":"RHSA-2023:7610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7682","reference_id":"RHSA-2023:7682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7687","reference_id":"RHSA-2023:7687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7699","reference_id":"RHSA-2023:7699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7703","reference_id":"RHSA-2023:7703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7704","reference_id":"RHSA-2023:7704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7741","reference_id":"RHSA-2023:7741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0269","reference_id":"RHSA-2024:0269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0302","reference_id":"RHSA-2024:0302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0777","reference_id":"RHSA-2024:0777","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0777"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1444","reference_id":"RHSA-2024:1444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1770","reference_id":"RHSA-2024:1770","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2633","reference_id":"RHSA-2024:2633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4631","reference_id":"RHSA-2024:4631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16668","reference_id":"RHSA-2025:16668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16668"},{"reference_url":"https://usn.ubuntu.com/6427-1/","reference_id":"USN-6427-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6427-1/"},{"reference_url":"https://usn.ubuntu.com/6427-2/","reference_id":"USN-6427-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6427-2/"},{"reference_url":"https://usn.ubuntu.com/6438-1/","reference_id":"USN-6438-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6438-1/"},{"reference_url":"https://usn.ubuntu.com/6505-1/","reference_id":"USN-6505-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6505-1/"},{"reference_url":"https://usn.ubuntu.com/6574-1/","reference_id":"USN-6574-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6574-1/"},{"reference_url":"https://usn.ubuntu.com/6754-1/","reference_id":"USN-6754-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6754-1/"},{"reference_url":"https://usn.ubuntu.com/6994-1/","reference_id":"USN-6994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6994-1/"},{"reference_url":"https://usn.ubuntu.com/7067-1/","reference_id":"USN-7067-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7067-1/"},{"reference_url":"https://usn.ubuntu.com/7410-1/","reference_id":"USN-7410-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7410-1/"},{"reference_url":"https://usn.ubuntu.com/7469-1/","reference_id":"USN-7469-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-1/"},{"reference_url":"https://usn.ubuntu.com/7469-2/","reference_id":"USN-7469-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-2/"},{"reference_url":"https://usn.ubuntu.com/7469-3/","reference_id":"USN-7469-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-3/"},{"reference_url":"https://usn.ubuntu.com/7469-4/","reference_id":"USN-7469-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7469-4/"},{"reference_url":"https://usn.ubuntu.com/7892-1/","reference_id":"USN-7892-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7892-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/","reference_id":"VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/","reference_id":"VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/","reference_id":"WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/","reference_id":"WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/","reference_id":"X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/","reference_id":"XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/","reference_id":"ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/","reference_id":"ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60461?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2rmy-13ym-3bgm"},{"vulnerability":"VCID-74tx-sx8a-guhs"},{"vulnerability":"VCID-d1fm-vbd1-n7au"},{"vulnerability":"VCID-fpgj-82wf-ykbw"},{"vulnerability":"VCID-gyed-x6s8-ybhr"},{"vulnerability":"VCID-vsdf-4tfj-uybe"},{"vulnerability":"VCID-zw2q-kna8-mqcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.14"},{"url":"http://public2.vulnerablecode.io/api/packages/60460?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2rmy-13ym-3bgm"},{"vulnerability":"VCID-74tx-sx8a-guhs"},{"vulnerability":"VCID-d1fm-vbd1-n7au"},{"vulnerability":"VCID-fpgj-82wf-ykbw"},{"vulnerability":"VCID-gyed-x6s8-ybhr"},{"vulnerability":"VCID-v7tp-1t4h-zqeg"},{"vulnerability":"VCID-vsdf-4tfj-uybe"},{"vulnerability":"VCID-yrzk-1dbk-muhy"},{"vulnerability":"VCID-zw2q-kna8-mqcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@11.0.0-M12"}],"aliases":["CVE-2023-44487","GHSA-2m7v-gc89-fjqf","GHSA-qppj-fm5r-hxr3","GHSA-vx74-f528-fxqg","GHSA-xpw8-rcwv-8f8p","GMS-2023-3377","VSV00013"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5781-s1ny-q7ey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4461?format=json","vulnerability_id":"VCID-dy6m-zt6r-9ubd","summary":"Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41079.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41079.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41079","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27753","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27675","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27659","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2774","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27718","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27655","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28342","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28199","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28133","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28227","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28298","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28098","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28141","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2816","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28148","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28206","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28249","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28242","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29419","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29532","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29355","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0"},{"reference_url":"https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/b90d4fc1ff44f30e4b3aba622ba6677e3f003822"},{"reference_url":"https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/d4b340fa8feaf55831f9a59350578f7b6ca048b8"},{"reference_url":"https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211008-0005","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20211008-0005"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211008-0005/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20211008-0005/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4986","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4986"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2004820","reference_id":"2004820","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2004820"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079","reference_id":"CVE-2021-41079","reference_type":"","scores":[{"value":"Important","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41079"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41079","reference_id":"CVE-2021-41079","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41079"},{"reference_url":"https://github.com/advisories/GHSA-59g9-7gfx-c72p","reference_id":"GHSA-59g9-7gfx-c72p","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-59g9-7gfx-c72p"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3741","reference_id":"RHSA-2021:3741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3743","reference_id":"RHSA-2021:3743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1179","reference_id":"RHSA-2022:1179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5532","reference_id":"RHSA-2022:5532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5532"},{"reference_url":"https://usn.ubuntu.com/5360-1/","reference_id":"USN-5360-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5360-1/"},{"reference_url":"https://usn.ubuntu.com/6943-1/","reference_id":"USN-6943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6943-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39436?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-j8tk-s915-pbfy"},{"vulnerability":"VCID-kwab-3s4q-eka4"},{"vulnerability":"VCID-nmq2-8ysj-4fbc"},{"vulnerability":"VCID-p8q2-pt96-5ye8"},{"vulnerability":"VCID-qkx6-32cj-jfbp"},{"vulnerability":"VCID-wptr-hkjx-s7c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.4"}],"aliases":["CVE-2021-41079","GHSA-59g9-7gfx-c72p"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dy6m-zt6r-9ubd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4469?format=json","vulnerability_id":"VCID-dzan-r49k-kqab","summary":"An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13934","reference_id":"","reference_type":"","scores":[{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.96017","published_at":"2026-05-14T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95925","published_at":"2026-04-01T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95932","published_at":"2026-04-02T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.9594","published_at":"2026-04-04T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95944","published_at":"2026-04-07T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95953","published_at":"2026-04-08T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95956","published_at":"2026-04-09T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95959","published_at":"2026-04-12T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95961","published_at":"2026-04-13T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95972","published_at":"2026-04-16T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95977","published_at":"2026-04-18T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95979","published_at":"2026-04-24T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95978","published_at":"2026-04-29T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95988","published_at":"2026-05-05T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95993","published_at":"2026-05-07T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.95996","published_at":"2026-05-09T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.96","published_at":"2026-05-11T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.96004","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399"},{"reference_url":"https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e"},{"reference_url":"https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/c9167ae30f3b03b112f3d81772e3450b7d0e6a25"},{"reference_url":"https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200724-0003","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200724-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200724-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200724-0003/"},{"reference_url":"https://usn.ubuntu.com/4596-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4596-1"},{"reference_url":"https://usn.ubuntu.com/4596-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4596-1/"},{"reference_url":"https://www.debian.org/security/2020/dsa-4727","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2020/dsa-4727"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1857040","reference_id":"1857040","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1857040"},{"reference_url":"https://security.archlinux.org/AVG-1205","reference_id":"AVG-1205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934","reference_id":"CVE-2020-13934","reference_type":"","scores":[{"value":"Moderate","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13934","reference_id":"CVE-2020-13934","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13934"},{"reference_url":"https://github.com/advisories/GHSA-vf77-8h7g-gghp","reference_id":"GHSA-vf77-8h7g-gghp","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vf77-8h7g-gghp"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3306","reference_id":"RHSA-2020:3306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3308","reference_id":"RHSA-2020:3308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3806","reference_id":"RHSA-2020:3806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3806"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39433?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dy6m-zt6r-9ubd"},{"vulnerability":"VCID-j8tk-s915-pbfy"},{"vulnerability":"VCID-kwab-3s4q-eka4"},{"vulnerability":"VCID-nmq2-8ysj-4fbc"},{"vulnerability":"VCID-p8q2-pt96-5ye8"},{"vulnerability":"VCID-qkx6-32cj-jfbp"},{"vulnerability":"VCID-wptr-hkjx-s7c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2"}],"aliases":["CVE-2020-13934","GHSA-vf77-8h7g-gghp"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dzan-r49k-kqab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4455?format=json","vulnerability_id":"VCID-j8tk-s915-pbfy","summary":"The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43980.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43980.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43980","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48068","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47993","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47964","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48019","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48111","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48057","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48005","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48055","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48035","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47996","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47994","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47927","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48008","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4806","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48048","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48067","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48116","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48063","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48052","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48075","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48051","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43980"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/170e0f792bd18ff031677890ba2fe50eb7a376c1"},{"reference_url":"https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/17f177eeb7df5938f67ef9ea580411b120195f13"},{"reference_url":"https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/4a00b0c0890538b9d3107eef8f2e0afadd119beb"},{"reference_url":"https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/9651b83a1d04583791525e5f0c4c9089f678d9fc"},{"reference_url":"https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/"}],"url":"https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43980","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43980"},{"reference_url":"https://tomcat.apache.org/security-10.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-10.html"},{"reference_url":"https://tomcat.apache.org/security-8.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-8.html"},{"reference_url":"https://tomcat.apache.org/security-9.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-9.html"},{"reference_url":"https://www.debian.org/security/2022/dsa-5265","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/"}],"url":"https://www.debian.org/security/2022/dsa-5265"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/09/28/1","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:59:33Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/09/28/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2130599","reference_id":"2130599","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2130599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980","reference_id":"CVE-2021-43980","reference_type":"","scores":[{"value":"High","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43980"},{"reference_url":"https://github.com/advisories/GHSA-jx7c-7mj5-9438","reference_id":"GHSA-jx7c-7mj5-9438","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jx7c-7mj5-9438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7272","reference_id":"RHSA-2022:7272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7273","reference_id":"RHSA-2022:7273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7273"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/50645?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nmq2-8ysj-4fbc"},{"vulnerability":"VCID-p8q2-pt96-5ye8"},{"vulnerability":"VCID-qkx6-32cj-jfbp"},{"vulnerability":"VCID-wptr-hkjx-s7c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.20"},{"url":"http://public2.vulnerablecode.io/api/packages/50649?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2rmy-13ym-3bgm"},{"vulnerability":"VCID-74tx-sx8a-guhs"},{"vulnerability":"VCID-d1fm-vbd1-n7au"},{"vulnerability":"VCID-fpgj-82wf-ykbw"},{"vulnerability":"VCID-gyed-x6s8-ybhr"},{"vulnerability":"VCID-j6cj-ftyd-3ffa"},{"vulnerability":"VCID-stds-vw5z-auhp"},{"vulnerability":"VCID-v7tp-1t4h-zqeg"},{"vulnerability":"VCID-vsdf-4tfj-uybe"},{"vulnerability":"VCID-zw2q-kna8-mqcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1"}],"aliases":["CVE-2021-43980","GHSA-jx7c-7mj5-9438"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j8tk-s915-pbfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4459?format=json","vulnerability_id":"VCID-kwab-3s4q-eka4","summary":"A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30640.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30640.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30640","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29754","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30195","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30226","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30275","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30093","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30152","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30188","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30191","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30148","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30098","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30113","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30095","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.3005","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.2998","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29864","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29794","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.2965","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29715","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29728","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29657","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29677","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30640"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/0a272b00aed57526dbfc8b881ab253c23c61f100"},{"reference_url":"https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/17208c645d68d2af1444ee8c64f36a9b8f0ba76f"},{"reference_url":"https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/24dfb30076997b640e5123e92c4b8d7f206f609c"},{"reference_url":"https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0"},{"reference_url":"https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945"},{"reference_url":"https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/4e61e1d625a4a64d6b775e3a03c77a0b100d56d7"},{"reference_url":"https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/4e86b4ea0d1a9b00fa93971c31b93ad1bd49c7fe"},{"reference_url":"https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/6a9129ac9bd06555ce04bb564a76fc3987311f38"},{"reference_url":"https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/749f3cc192c68c34f2375509aea087be45fc4434"},{"reference_url":"https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/79580e7f70a07c083be07307376511bb864d5a7b"},{"reference_url":"https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/81f16b0a7186ed02efbfac336589d6cff28d1e89"},{"reference_url":"https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/91ecdc61ce3420054c04114baaaf1c1e0cbd5d56"},{"reference_url":"https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/ad22db641dcd61c2e8078f658fa709897b5da375"},{"reference_url":"https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899fae22bc43"},{"reference_url":"https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/b930d0b3161d9ec78d5fa57f886ed2de4680518b"},{"reference_url":"https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/bd4d1fbe9146dff4714130594afd668406a6a5ef"},{"reference_url":"https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb"},{"reference_url":"https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/c6b6e1015ae44c936971b6bf8bce70987935b92e"},{"reference_url":"https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/c9f21a2a7908c7c4ecd4f9bb495d3ee36a2bd822"},{"reference_url":"https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/d3407672774e372fae8b5898d55f85d16f22b972"},{"reference_url":"https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/d5303a506c7533803d2b3bc46e6120ce673a6667"},{"reference_url":"https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/e21eb4764ccda55e5a35a5a7c19a6fd2b0757fe9"},{"reference_url":"https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/e50067486cf86564175ca0cfdcbf7d209c6df862"},{"reference_url":"https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/eeb7351219bd8803c0053e1e80444664a7cf5b51"},{"reference_url":"https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/f4d9bdef53ec009b7717620d890465fa273721a6"},{"reference_url":"https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html"},{"reference_url":"https://security.gentoo.org/glsa/202208-34","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202208-34"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210827-0007","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210827-0007"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210827-0007/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20210827-0007/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4952","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4952"},{"reference_url":"https://www.debian.org/security/2021/dsa-4986","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4986"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981544","reference_id":"1981544","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981544"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991046","reference_id":"991046","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991046"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640","reference_id":"CVE-2021-30640","reference_type":"","scores":[{"value":"Low","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30640"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30640","reference_id":"CVE-2021-30640","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30640"},{"reference_url":"https://github.com/advisories/GHSA-36qh-35cm-5w2w","reference_id":"GHSA-36qh-35cm-5w2w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-36qh-35cm-5w2w"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4861","reference_id":"RHSA-2021:4861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4863","reference_id":"RHSA-2021:4863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1179","reference_id":"RHSA-2022:1179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5532","reference_id":"RHSA-2022:5532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5532"},{"reference_url":"https://usn.ubuntu.com/5360-1/","reference_id":"USN-5360-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5360-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/37468?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-j8tk-s915-pbfy"},{"vulnerability":"VCID-nmq2-8ysj-4fbc"},{"vulnerability":"VCID-p8q2-pt96-5ye8"},{"vulnerability":"VCID-qkx6-32cj-jfbp"},{"vulnerability":"VCID-wptr-hkjx-s7c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.6"}],"aliases":["CVE-2021-30640","GHSA-36qh-35cm-5w2w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kwab-3s4q-eka4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4452?format=json","vulnerability_id":"VCID-nmq2-8ysj-4fbc","summary":"If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42252.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42252.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42252","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34917","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34823","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34943","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34895","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34868","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37438","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37404","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40714","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40726","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40929","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40887","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40898","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40573","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40498","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40473","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40568","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40548","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40481","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40631","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42252"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/0d089a15047faf9cb3c82f80f4d28febd4798920"},{"reference_url":"https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77"},{"reference_url":"https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/a1c07906d8dcaf7957e5cc97f5cdbac7d18a205a"},{"reference_url":"https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/c9fe754e5d17e262dfbd3eab2a03ca96ff372dc3"},{"reference_url":"https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:08:43Z/"}],"url":"https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42252","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42252"},{"reference_url":"https://security.gentoo.org/glsa/202305-37","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-06T15:08:43Z/"}],"url":"https://security.gentoo.org/glsa/202305-37"},{"reference_url":"https://tomcat.apache.org/security-10.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-10.html"},{"reference_url":"https://tomcat.apache.org/security-8.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-8.html"},{"reference_url":"https://tomcat.apache.org/security-9.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-9.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141329","reference_id":"2141329","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252","reference_id":"CVE-2022-42252","reference_type":"","scores":[{"value":"Low","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42252"},{"reference_url":"https://github.com/advisories/GHSA-p22x-g9px-3945","reference_id":"GHSA-p22x-g9px-3945","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p22x-g9px-3945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1663","reference_id":"RHSA-2023:1663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1664","reference_id":"RHSA-2023:1664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1664"},{"reference_url":"https://usn.ubuntu.com/6880-1/","reference_id":"USN-6880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6880-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81243?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wptr-hkjx-s7c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.27"},{"url":"http://public2.vulnerablecode.io/api/packages/50649?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2rmy-13ym-3bgm"},{"vulnerability":"VCID-74tx-sx8a-guhs"},{"vulnerability":"VCID-d1fm-vbd1-n7au"},{"vulnerability":"VCID-fpgj-82wf-ykbw"},{"vulnerability":"VCID-gyed-x6s8-ybhr"},{"vulnerability":"VCID-j6cj-ftyd-3ffa"},{"vulnerability":"VCID-stds-vw5z-auhp"},{"vulnerability":"VCID-v7tp-1t4h-zqeg"},{"vulnerability":"VCID-vsdf-4tfj-uybe"},{"vulnerability":"VCID-zw2q-kna8-mqcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1"}],"aliases":["CVE-2022-42252","GHSA-p22x-g9px-3945"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nmq2-8ysj-4fbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4453?format=json","vulnerability_id":"VCID-p8q2-pt96-5ye8","summary":"In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34305.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34305.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34305","reference_id":"","reference_type":"","scores":[{"value":"0.10575","scoring_system":"epss","scoring_elements":"0.93354","published_at":"2026-05-14T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94935","published_at":"2026-04-04T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94945","published_at":"2026-04-08T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94948","published_at":"2026-04-09T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94953","published_at":"2026-04-11T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94955","published_at":"2026-04-12T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94958","published_at":"2026-04-13T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94966","published_at":"2026-04-16T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94969","published_at":"2026-04-18T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94973","published_at":"2026-04-29T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94982","published_at":"2026-05-05T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94988","published_at":"2026-05-07T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94998","published_at":"2026-05-09T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.95002","published_at":"2026-05-11T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.95007","published_at":"2026-05-12T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94933","published_at":"2026-04-02T12:55:00Z"},{"value":"0.16853","scoring_system":"epss","scoring_elements":"0.94936","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34305"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/tomcat/commit/1a7e95d9c3ef18c4efb5eb997fd1553a71dc6c80","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/1a7e95d9c3ef18c4efb5eb997fd1553a71dc6c80"},{"reference_url":"https://github.com/apache/tomcat/commit/5f6c88b054b0e4fbccff8b7f15974ed55d59a9f7","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/5f6c88b054b0e4fbccff8b7f15974ed55d59a9f7"},{"reference_url":"https://github.com/apache/tomcat/commit/8b60af90b99945379c2d1003277e0cabc6776bac","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/8b60af90b99945379c2d1003277e0cabc6776bac"},{"reference_url":"https://github.com/apache/tomcat/commit/d6251d1cfb683f1bdd00ed022ac8e9b9a7e7792c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/d6251d1cfb683f1bdd00ed022ac8e9b9a7e7792c"},{"reference_url":"https://lists.apache.org/thread/k04zk0nq6w57m72w5gb0r6z9ryhmvr4k","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread/k04zk0nq6w57m72w5gb0r6z9ryhmvr4k"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34305","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34305"},{"reference_url":"https://security.gentoo.org/glsa/202208-34","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202208-34"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0006","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220729-0006"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0006/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220729-0006/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/06/23/1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/06/23/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102817","reference_id":"2102817","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305","reference_id":"CVE-2022-34305","reference_type":"","scores":[{"value":"Low","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305"},{"reference_url":"https://github.com/advisories/GHSA-6j88-6whg-x687","reference_id":"GHSA-6j88-6whg-x687","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6j88-6whg-x687"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/264382?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nmq2-8ysj-4fbc"},{"vulnerability":"VCID-wptr-hkjx-s7c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.23"}],"aliases":["CVE-2022-34305","GHSA-6j88-6whg-x687"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p8q2-pt96-5ye8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4454?format=json","vulnerability_id":"VCID-qkx6-32cj-jfbp","summary":"The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29885.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29885","reference_id":"","reference_type":"","scores":[{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98087","published_at":"2026-04-16T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98081","published_at":"2026-04-13T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98103","published_at":"2026-05-14T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98098","published_at":"2026-05-12T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98097","published_at":"2026-05-09T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98094","published_at":"2026-05-07T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98095","published_at":"2026-05-11T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98089","published_at":"2026-04-29T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.9808","published_at":"2026-04-12T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98086","published_at":"2026-04-26T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98084","published_at":"2026-04-24T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98088","published_at":"2026-04-18T12:55:00Z"},{"value":"0.55532","scoring_system":"epss","scoring_elements":"0.98083","published_at":"2026-04-21T12:55:00Z"},{"value":"0.58505","scoring_system":"epss","scoring_elements":"0.98199","published_at":"2026-04-07T12:55:00Z"},{"value":"0.58505","scoring_system":"epss","scoring_elements":"0.98195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.58505","scoring_system":"epss","scoring_elements":"0.98198","published_at":"2026-04-04T12:55:00Z"},{"value":"0.58505","scoring_system":"epss","scoring_elements":"0.98204","published_at":"2026-04-08T12:55:00Z"},{"value":"0.58505","scoring_system":"epss","scoring_elements":"0.98205","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29885"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://github.com/apache/tomcat/commit/0fa7721f11d565a2cd2e44366c388ad6a3e6357d","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/0fa7721f11d565a2cd2e44366c388ad6a3e6357d"},{"reference_url":"https://github.com/apache/tomcat/commit/36826ea638457d7e17876a70f89cb435b6db0d91","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/36826ea638457d7e17876a70f89cb435b6db0d91"},{"reference_url":"https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/b679bc627f5a4ea6510af95adfb7476b07eba890"},{"reference_url":"https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/eaafd28296c54d983e28a47953c1f5cb2c334f48"},{"reference_url":"https://lists.apache.org/thread/2b4qmhbcyqvc7dyfpjyx54c03x65vhcv","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread/2b4qmhbcyqvc7dyfpjyx54c03x65vhcv"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220629-0002","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220629-0002"},{"reference_url":"https://www.debian.org/security/2022/dsa-5265","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5265"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2093014","reference_id":"2093014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2093014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885","reference_id":"CVE-2022-29885","reference_type":"","scores":[{"value":"Low","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29885"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/51262.py","reference_id":"CVE-2022-29885","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/51262.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29885","reference_id":"CVE-2022-29885","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29885"},{"reference_url":"https://github.com/advisories/GHSA-r84p-88g2-2vx2","reference_id":"GHSA-r84p-88g2-2vx2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r84p-88g2-2vx2"},{"reference_url":"https://usn.ubuntu.com/6943-1/","reference_id":"USN-6943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6943-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/50648?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nmq2-8ysj-4fbc"},{"vulnerability":"VCID-p8q2-pt96-5ye8"},{"vulnerability":"VCID-wptr-hkjx-s7c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.21"},{"url":"http://public2.vulnerablecode.io/api/packages/50649?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2rmy-13ym-3bgm"},{"vulnerability":"VCID-74tx-sx8a-guhs"},{"vulnerability":"VCID-d1fm-vbd1-n7au"},{"vulnerability":"VCID-fpgj-82wf-ykbw"},{"vulnerability":"VCID-gyed-x6s8-ybhr"},{"vulnerability":"VCID-j6cj-ftyd-3ffa"},{"vulnerability":"VCID-stds-vw5z-auhp"},{"vulnerability":"VCID-v7tp-1t4h-zqeg"},{"vulnerability":"VCID-vsdf-4tfj-uybe"},{"vulnerability":"VCID-zw2q-kna8-mqcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1"}],"aliases":["CVE-2022-29885","GHSA-r84p-88g2-2vx2"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qkx6-32cj-jfbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4466?format=json","vulnerability_id":"VCID-ran8-rnqn-tkbc","summary":"While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17527.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17527.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17527","reference_id":"","reference_type":"","scores":[{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93335","published_at":"2026-05-14T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.9332","published_at":"2026-05-12T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93313","published_at":"2026-05-11T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93226","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93312","published_at":"2026-05-09T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93303","published_at":"2026-05-07T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93289","published_at":"2026-05-05T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93282","published_at":"2026-04-29T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93287","published_at":"2026-04-26T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.9329","published_at":"2026-04-24T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93284","published_at":"2026-04-21T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93277","published_at":"2026-04-18T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93272","published_at":"2026-04-16T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93254","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93253","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93255","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93251","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93235","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.9324","published_at":"2026-04-04T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93247","published_at":"2026-04-08T12:55:00Z"},{"value":"0.10506","scoring_system":"epss","scoring_elements":"0.93238","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17527"},{"reference_url":"https://bz.apache.org/bugzilla/show_bug.cgi?id=64830","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bz.apache.org/bugzilla/show_bug.cgi?id=64830"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29"},{"reference_url":"https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb"},{"reference_url":"https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65"},{"reference_url":"https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rbba08c4dcef3603e36276d49adda8eedbe458c5104314b4038f697e1@%3Cusers.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-17527","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-17527"},{"reference_url":"https://security.netapp.com/advisory/ntap-20201210-0003","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20201210-0003"},{"reference_url":"https://tomcat.apache.org/security-10.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-10.html"},{"reference_url":"https://tomcat.apache.org/security-8.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-8.html"},{"reference_url":"https://tomcat.apache.org/security-9.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-9.html"},{"reference_url":"https://www.debian.org/security/2021/dsa-4835","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4835"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/12/03/3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2020/12/03/3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1904221","reference_id":"1904221","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1904221"},{"reference_url":"https://security.archlinux.org/ASA-202012-3","reference_id":"ASA-202012-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-3"},{"reference_url":"https://security.archlinux.org/AVG-1317","reference_id":"AVG-1317","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527","reference_id":"CVE-2020-17527","reference_type":"","scores":[{"value":"Moderate","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527"},{"reference_url":"https://github.com/advisories/GHSA-vvw4-rfwf-p6hx","reference_id":"GHSA-vvw4-rfwf-p6hx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vvw4-rfwf-p6hx"},{"reference_url":"https://security.gentoo.org/glsa/202012-23","reference_id":"GLSA-202012-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202012-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0494","reference_id":"RHSA-2021:0494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0495","reference_id":"RHSA-2021:0495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4012","reference_id":"RHSA-2021:4012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5134","reference_id":"RHSA-2021:5134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5134"},{"reference_url":"https://usn.ubuntu.com/5360-1/","reference_id":"USN-5360-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5360-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39433?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dy6m-zt6r-9ubd"},{"vulnerability":"VCID-j8tk-s915-pbfy"},{"vulnerability":"VCID-kwab-3s4q-eka4"},{"vulnerability":"VCID-nmq2-8ysj-4fbc"},{"vulnerability":"VCID-p8q2-pt96-5ye8"},{"vulnerability":"VCID-qkx6-32cj-jfbp"},{"vulnerability":"VCID-wptr-hkjx-s7c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2"}],"aliases":["CVE-2020-17527","GHSA-vvw4-rfwf-p6hx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ran8-rnqn-tkbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4464?format=json","vulnerability_id":"VCID-t2ne-75ck-eqcr","summary":"When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25122.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25122.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25122","reference_id":"","reference_type":"","scores":[{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85675","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85639","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85626","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85631","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85613","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.8559","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85573","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85575","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85565","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85543","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85547","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85542","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85518","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85522","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85524","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85447","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85509","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85501","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85481","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.85477","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02562","scoring_system":"epss","scoring_elements":"0.8546","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25122"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/tomcat/commit/bb0e7c1e0d737a0de7d794572517bce0e91d30fa","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/bb0e7c1e0d737a0de7d794572517bce0e91d30fa"},{"reference_url":"https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1"},{"reference_url":"https://github.com/apache/tomcat/commit/dd757c0a893e2e35f8bc1385d6967221ae8b9b9b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat/commit/dd757c0a893e2e35f8bc1385d6967221ae8b9b9b"},{"reference_url":"https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-25122","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-25122"},{"reference_url":"https://security.gentoo.org/glsa/202208-34","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202208-34"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210409-0002","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210409-0002"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210409-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20210409-0002/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4891","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4891"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/03/01/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/03/01/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1934032","reference_id":"1934032","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1934032"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122","reference_id":"CVE-2021-25122","reference_type":"","scores":[{"value":"Important","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122"},{"reference_url":"https://github.com/advisories/GHSA-j39c-c8hj-x4j3","reference_id":"GHSA-j39c-c8hj-x4j3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j39c-c8hj-x4j3"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2561","reference_id":"RHSA-2021:2561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2562","reference_id":"RHSA-2021:2562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3425","reference_id":"RHSA-2021:3425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5532","reference_id":"RHSA-2022:5532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5532"},{"reference_url":"https://usn.ubuntu.com/5360-1/","reference_id":"USN-5360-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5360-1/"},{"reference_url":"https://usn.ubuntu.com/6943-1/","reference_id":"USN-6943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6943-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39433?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dy6m-zt6r-9ubd"},{"vulnerability":"VCID-j8tk-s915-pbfy"},{"vulnerability":"VCID-kwab-3s4q-eka4"},{"vulnerability":"VCID-nmq2-8ysj-4fbc"},{"vulnerability":"VCID-p8q2-pt96-5ye8"},{"vulnerability":"VCID-qkx6-32cj-jfbp"},{"vulnerability":"VCID-wptr-hkjx-s7c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.2"}],"aliases":["CVE-2021-25122","GHSA-j39c-c8hj-x4j3"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t2ne-75ck-eqcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4457?format=json","vulnerability_id":"VCID-wptr-hkjx-s7c3","summary":"The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42340.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42340.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42340","reference_id":"","reference_type":"","scores":[{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.88865","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.88944","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.88926","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.88916","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.88922","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.88909","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.88892","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.88884","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.88883","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.88877","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.88863","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04282","scoring_system":"epss","scoring_elements":"0.8886","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05703","scoring_system":"epss","scoring_elements":"0.90377","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05703","scoring_system":"epss","scoring_elements":"0.90416","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05703","scoring_system":"epss","scoring_elements":"0.90424","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05703","scoring_system":"epss","scoring_elements":"0.90417","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05703","scoring_system":"epss","scoring_elements":"0.9041","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05703","scoring_system":"epss","scoring_elements":"0.90396","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05703","scoring_system":"epss","scoring_elements":"0.90392","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05703","scoring_system":"epss","scoring_elements":"0.90379","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42340"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://github.com/apache/tomcat/commit/31d62426645824bdfe076a0c0eafa904d90b4fb9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/31d62426645824bdfe076a0c0eafa904d90b4fb9"},{"reference_url":"https://github.com/apache/tomcat/commit/80f1438ec45e77a07b96419808971838d259eb47","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/80f1438ec45e77a07b96419808971838d259eb47"},{"reference_url":"https://github.com/apache/tomcat/commit/d27535bdee95d252418201eb21e9d29476aa6b6a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/d27535bdee95d252418201eb21e9d29476aa6b6a"},{"reference_url":"https://github.com/apache/tomcat/commit/d5a6660cba7f51589468937bf3bbad4db7810371","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/d5a6660cba7f51589468937bf3bbad4db7810371"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10379","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10379"},{"reference_url":"https://lists.apache.org/thread.html/r8097a2d1550aa78e585fc77e602b9046e6d4099d8d132497c5387784@%3Ccommits.myfaces.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r8097a2d1550aa78e585fc77e602b9046e6d4099d8d132497c5387784@%3Ccommits.myfaces.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83a35be60f06aca2065f188ee542b9099695d57ced2e70e0885f905c%40%3Cannounce.tomcat.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r83a35be60f06aca2065f188ee542b9099695d57ced2e70e0885f905c%40%3Cannounce.tomcat.apache.org%3E"},{"reference_url":"https://security.gentoo.org/glsa/202208-34","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202208-34"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211104-0001","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20211104-0001"},{"reference_url":"https://tomcat.apache.org/security-10.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-10.html"},{"reference_url":"https://tomcat.apache.org/security-8.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-8.html"},{"reference_url":"https://tomcat.apache.org/security-9.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-9.html"},{"reference_url":"https://www.debian.org/security/2021/dsa-5009","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-5009"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014356","reference_id":"2014356","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014356"},{"reference_url":"https://security.archlinux.org/AVG-2469","reference_id":"AVG-2469","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2469"},{"reference_url":"https://security.archlinux.org/AVG-2470","reference_id":"AVG-2470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340","reference_id":"CVE-2021-42340","reference_type":"","scores":[{"value":"Important","scoring_system":"apache_tomcat","scoring_elements":""}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42340"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-42340","reference_id":"CVE-2021-42340","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-42340"},{"reference_url":"https://github.com/advisories/GHSA-wph7-x527-w3h5","reference_id":"GHSA-wph7-x527-w3h5","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wph7-x527-w3h5"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4861","reference_id":"RHSA-2021:4861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4863","reference_id":"RHSA-2021:4863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1179","reference_id":"RHSA-2022:1179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5532","reference_id":"RHSA-2022:5532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5532"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/50649?format=json","purl":"pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2rmy-13ym-3bgm"},{"vulnerability":"VCID-74tx-sx8a-guhs"},{"vulnerability":"VCID-d1fm-vbd1-n7au"},{"vulnerability":"VCID-fpgj-82wf-ykbw"},{"vulnerability":"VCID-gyed-x6s8-ybhr"},{"vulnerability":"VCID-j6cj-ftyd-3ffa"},{"vulnerability":"VCID-stds-vw5z-auhp"},{"vulnerability":"VCID-v7tp-1t4h-zqeg"},{"vulnerability":"VCID-vsdf-4tfj-uybe"},{"vulnerability":"VCID-zw2q-kna8-mqcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.1"}],"aliases":["CVE-2021-42340","GHSA-wph7-x527-w3h5"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wptr-hkjx-s7c3"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.0.0"}